Description

[0001] The invention relates to data communications systems and, more particularly, to the secure processing of messages therein using public key cryptography. The invention finds particular, though not exclusive, application to the generation of digital signatures.

[0002] Public key cryptographic algorithms are widely used to certify the origin of or ensure the security or integrity of messages in data communications systems. Various types of such algorithms exist of which one well known variant is the RSA algorithm. A general introduction to public key cryptography and the RSA algorithm can be found in: Meyer and Matyas 'Cryptography - A New Dimension in Computer Data Security', pages 32 - 48, Wiley 1982. These algorithms have some distinct advantages over the more traditional symmetric key algorithms. In particular, they provide the ability for a key to be published or certified so that any independent third party can receive and verify a message without reference to a central authority.

[0003] One example of the use of public key cryptography in data communications is in the generation of digital signatures. The principle behind these techniques is the creation of a public digital value - the signature - which depends on a message to be transmitted and the signing user, so the receiving user can be sure that the sending user, and no other user, could create the signature value, and that the user created the signature value for this message and no other.

[0004] In such systems, the party signing a message has a private key for which there exists a corresponding public key. The public key is available so that anyone can use it to decrypt data which the signer encrypts using the private key, but no-one can create such encrypted data without access to the private key.

[0005] Typically, the signer produces a hash value from the message using a strong hash algorithm, such that the chance of another message resulting in the same value is extremely low. The means of calculating this value is public knowledge but there is no feasible way to determine a different message which results in the same value. The signer encrypts the value using the private key, and sends the message and the encrypted value to the recipient.

[0006] The recipient can use the public key to decrypt the value, and can test whether the calculation on the message produces the same value. If it does, this satisfies the recipient that the message was the one signed because there is no feasible way to calculate another message which produces the same value. The recipient can also be sure that the signer did indeed sign the message because no-one can create the encrypted value without access to the private key.

[0007] However, such public key encryption schemes are computationally intensive and demand substantially higher computing resources, such as processing power and memory requirements, for encryption and decryption than symmetric key schemes.
[0008] In many applications of public key cryptography to data communications, the message must be processed under the control of a portable security device, such as a smart card, PCMCIA card or laptop computer, carried and presented by a user. Whilst methods have been proposed to enable messages to be signed with much less computational effort than they can be verified, such as in the US Department of Commerce/National Institute of Standards and Technology (NIST) Digital Signature Standard published in Federal Information Processing Standard (FIPS) 186, May 19 1994, the situation remains that, using current technology, in many cases it is not practical or cost-effective to provide such portable security devices with the necessary processing power or memory to perform sufficiently strong public key processing in an acceptable time.

[0009] Various methods have been proposed in the prior art to enable such a security device to perform the public key processing with the aid of a powerful server computer, without requiring the security device to reveal the secret key to the server. Examples of these techniques can be found, for example, in: Laih et al, 'Two efficient server-aided secret computation protocols based on the addition sequence', Advances in Cryptology - Asiacrypt 91 Proceedings 1993 pp450-459.
[0010] WIPO publication no. WO 93/20538 discloses a cryptographic communications method and system, which describes a method for loading secret data, such as an application key, on a smart card. This involves a public key, and providing the encrypted random key to a central processing station. The encrypted random key is decrypted at the central station on the basis of a cen[illegible] encrypts data on the basis of the random key and transmits it to the smart card. The smart card decrypts the encrypted data on the basis of the random key. The random key can be generated internally and stored on read protected memory of the card. The public key encrypting and secret key decrypting steps may be based on the RSA algorithm, using a small encryption exponent.

[0011] US patent no 5,414,772 discloses a system for improving the digital signatures algorithm which describes a system of at least two parts, connected to each other by the means of a common communication interface wherein a first communication apparatus A, having a data processing means, communication means and or random or pseudo-random generation means relies on the computational power of a second communicating apparatus B having data processing means, communication means and memory means in order to compute the inverse of a first number x modulo a second number n and use the resulting modular inverse in an encryption, decryption, key exchange, identification or digital signature cryptographic protocol.

[0012] US patent no. 4,969,188 discloses a process and apparatus for the protection of secret elements in a network of encrypting devices with open key management. Each encryption device of a communication network is divided into a base part and a security module in credit card form. The security module contains the functional stages required for the coding/decoding of the keys of lower hierarchical levels and thus the secret elements of the network. The base parts contain no secret elements. The secret elements are stored in the security module preferably in a cryptologically secured form. A password also provided therein secures it against unauthorised use.

[0013] Whilst these methods go some way to alleviating the problem, they suffer from several disadvantages inherent in storing the secret key on a portable and low cost device.

[0014] First, it is possible the device may be probed to obtain the secret key.

[0015] Secondly, if the signer's private key is compromised, a different user might use it to process messages. In this circumstance, a means is required to revoke the secret key so the unauthorised user can no longer use it. Since the security devices are not connected to the system at all times and could be reconnected to the system at any point, withdrawing or preventing use of the secret keys is, in practice, very difficult. Typically this has been achieved using various types of user blacklists. However, there are many practical difficulties associated with controlling, updating and verifying the authenticity of such lists, particularly over widespread networks.

[0016] Furthermore, since some smart card implementations which make use of public key algorithms for signing purposes cannot generate the user's public and private key pair within the smart card, there are potential security exposures when the key is initially loaded into the security device. This is because the key generation algorithm is quite complex, more so than the encryption and decryption functions. Therefore if it is required to store the secret key on the card then it may also be required to generate the secret key off the card and to enter it onto the card during an initialisation process. This initialisation process inevitably exposes the key to some degree.

[0017] This invention is directed to the problem of providing a secure method of enabling messages to be processed using public key processing on behalf of the authorised holder of a portable security device, such as a smart card, in such a manner that it can be shown that only the authorised holder of the security device could have authorised the processing of a particular message, without requiring the public key algorithm to be performed by the security device, without having to store the private key in the security device, and without requiring the key generation process to be performed by the security device.

[0018] To solve this problem, the invention provides a communications system in which messages are processed using public key cryptography with a private key unique to one or more users under the control of a portable security device held by the, or each, user, the system comprising: a server for performing public key processing using the private key, the server being adapted for data communication with the portable security device; characterised in that the server comprises, or has access to, data storage means in which is stored in a secure manner the private key for the, or each, user in encrypted form only, the private key being encrypted with a key encrypting key, the server comprising secure processing means to receive a message to be processed from the user, retrieve the encrypted private key for the user, decrypt the private key using the key encrypting key, perform the public key processing for the message using the decrypted private key, and delete the key encrypting key and decrypted private key after use, and in that each security device comprises means for storing or generating the key encrypting key and providing the key encrypting key to the server and means for specifying a message to be processed, the system being arranged so that communication of at least the key encrypting key to the server is secure and so that the server can only use the key encrypting key to process the message specified by the user.

[0019] A secure server is therefore provided to perform the public key algorithm. However, the server has access only to an encrypted form of the private key. A portable security device controls the public key processing by providing the server with a key to enable the server to decrypt the private key, use it, and delete the private key after use.

[0020] The secure communication of the key encrypting key to the server can be accomplished in a number of ways. In preferred embodiments, the key encrypting key is encrypted using a key derived from a second key encrypting key stored in the security device for transmission between the security device and the server and the server has access to the second key encrypting key. In this way, communication of the key encrypting key to the server is secured by cryptographic means. In other embodiments, appropriate physical security of the communication channel between the security device and the server could be used.

[0021] Similarly, there are a number of ways of ensuring that the server can only use the key encrypting key to process the message provided by the user. In preferred embodiments, the key encrypting key is cryptographically associated with a message to be processed and the secure processing means comprises means to verify the association of the key encrypting key with the message and is arranged only to make use of the key encrypting key to process that message. Again, in other embodiments, appropriate physical security might be provided to ensure this.

[0022] In one embodiment, the security device can encrypt the key encrypting key for transmission to the server using a key derived from the message to be signed, thereby cryptographically associating the key encrypting key with the message. The server comprises secure means for extracting the key from the message and decrypting the key encrypting key. In this way, data transmitted by the security device can be used to decrypt the secret key for the original message only. It is not possible to intercept the transmission to the server and substitute the message for one not authorised by the user.

[0023] It will be appreciated that there are many other ways of cryptographically binding the key encrypting key and the message. For example, a message authentication code which could be verified by the server might be derived from a combination of the message and the key.

[0024] In one embodiment of the invention, the key encrypting key is stored in the security device as a reversible function of a password or PIN, the security device comprising means to receive the password from the user and being able to recover the key encrypting key using the reversible function. This arrangement ensures that the data stored in a lost or stolen security device is not sufficient to enable a message to be generated which will permit the server to obtain access to the secret key.

[0025] For convenience, the key encrypting key can be a one-way function of the private key. In this case, the server can check the recovered value of the private key by deriving therefrom the key-encrypting key and comparing the derived value thereof with the value received from the security device.

[0026] In further embodiments of the invention, the key encrypting key can be a reversible function of a key stored in the security device and a random number, the server comprising means to provide the random number to the security device on request.

[0027] Preferably, in such embodiments, the server is arranged to reencrypt the private key each time it is used using a new random number, and to provide the new random number to the security device the next time it is required to perform public key processing for a user.

[0028] The use of a random number ensures that the process makes use of a new key value for each transaction even if the messages are identical, thereby improving security still further.

[0029] The invention also provides a portable security device, which can be a smart card, and a server for use in such a system.

[0030] Viewed from another aspect, the invention also provides a method for processing messages using public key cryptography with a private key unique to one or more users under the control of a portable security device held by the, or each, user, in a system comprising: a server for performing public key processing using the private key, in which system the server is adapted for data communication with the portable security device; characterised by the steps of

(a) storing in the server, or providing the server with access to, the private key for the, or each, user in encrypted form only, the private key being encrypted with a key encrypting key;

(b) storing or generating in the security device the key encrypting key and providing the key encrypting key to the server in a manner such that at least the key encrypting key is secure in communication to the server; and, in a secure environment in the server:

(c) receiving a message to be processed specified by the user;

(d) retrieving the encrypted private key for the user;

(e) verifying that the message was that specified by the user;

(f) decrypting the private key using the key encrypting key;

(g) performing the public key processing for the message using the decrypted private key; and

(h) deleting the decrypted private key and the key encrypting key after use.

[0031] Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings, wherein:

Fig 1 shows a communications system;

Fig 2 illustrates the generation of a digital signature;

Fig 3 is a schematic diagram showing a simple first embodiment of the invention;

Figs 4a and 4b illustrate processes carried out in the smart card and server in the first embodiment;

Fig 5 illustrates enhancements to the system of Fig 3;

Figs 6a and 6b illustrate processes carried out in the smart card and server in the enhanced first embodiment;

Fig 7 is a schematic diagram illustrating a second embodiment of the invention;

Fig 8 illustrates the process carried out in the smart card in the second embodiment of the invention;

Fig 9 illustrates the process carried out in the server in the second embodiment;

Fig 10 is a schematic diagram showing the initialisation procedures for the second embodiment;

Fig 11 is a flow diagram illustrating the initialisation procedures for the second embodiment.

[0032] Referring to Figure 1, there is shown a communications system which comprises communications network 100 which may be any conventional type of local area network (LAN) or wide area network (WAN) or any combination of the two. Connected to the communications network 100 is workstation 110 incorporating a smart card reader for operating in conjunction with smart card 120. Also connected to network 100 are server computer 130 and an intended recipient of a message, shown for the sake of example as mainframe computer 140. Workstation 110 could, for instance, be a point of sale terminal at a retail outlet. Smart card 120 is in the possession of user 150. The system is arranged so that user 150 can certify a message, such as a debit instruction for the user's account, generated in workstation 110 using a digital signature. The generation of the digital signature in the system is performed by server 130 under the control of smart card 120.

[0033] In the following, the notation E_KEY(A) will be used to indicate the quantity A encrypted using a key KEY. This notation will be used for both public key and symmetric cryptographic algorithms. The symbol + represents an invertible combination such as an XOR operation or addition or multiplication mod p, where p is a non-secret prime number.

[0034] It will be understood from what follows that, whilst in these embodiments server 130 is assumed, for clarity, to be a separate computer from workstation 110, the function of server 130 could equally be performed by a process running in workstation 110 or in mainframe computer 140. Furthermore, whilst the embodiments are, for clarity, described in terms of a single server 130, it is envisaged that other embodiments may include a plurality of such servers.

[0035] Figure 2 illustrates a simple example of the principles behind the creation and use of digital signatures using public key cryptography. It will be understood that this type of digital signature is only one among many techniques for the generation of digital signatures using public key cryptography any of which may equally be employed in other embodiments of the invention.

[0036] Fig 2 shows two users who wish to communicate with each other and to be sure of the identity of the other. Each user has a public and private key pair PK and SK. Each user shares their public key with each other user. Normally, each user would keep secret their respective private key, but the public keys would be available for whoever wished to communicate with them.

[0037] Suppose user A wishes to send a message MSG to user B over a data communications network. A digital signature is generated from the message by first generating a hash value of the message using a strong hashing function, of which there are many known types. An example of a strong hash algorithm suitable for use in calculating digital signatures is described in US-A-4,908,861. The particular hashing function involved is assumed to be known to B. This hash value is then encrypted using the secret key of A to generate a digital signature E_SKa(Hash(MSG)). The message is then transmitted to user B along with the digital signature. User B can verify the authenticity of the message by decrypting the digital signature using the public key PKa and comparing the value obtained with a hash value obtained from the message.

[0038] In practice, the integrity of the public keys PKa would be certified by a third party whose role would be to certify keys. This would serve to satisfy B that PKa was indeed the public key associated with A and not with anybody else. Such certification and distribution of public keys is well known in the art and will not be further described herein. A discussion of these certificates can be found in CCITT Recommendation X.509 Directory Services (1988).

[0039] Figure 3 is a schematic diagram showing the operation of a simple first embodiment of the invention. Such an embodiment would be useful if the communications between the smart card and the server is separately secured by for example either physical or cryptographic means so that the keys and messages exchanged are protected. A variety of means are known to the art, such as the use of secure cabling, or the use of data encryption and authentication. In such a high security environment, the smart card would act as an additional control over the use of the server.

[0040] Server 130 includes a secure cryptographic environment 360, such as that provided by the IBM 4755 cryptographic adapter, and a disk storage device 350. The IBM 4755 cryptographic adapter stores cryptographic values securely on the storage device 350 under the protection of an encryption key, the local Master Key held within the secure cryptographic environment 360. The IBM 4755 cryptographic adapter provides an encapsulated and tamper-resistant hardware environment for performing such cryptographic tasks under the control of microcode resident therein. It is described in more detail in IBM Systems Journal, Vol 30, No 2 1991, pp 206-229, Abraham D-G, Dolan G-M and Stevens J-V.
[0041] The secret keys SK associated with a number of users A, B, C, D ... are stored securely in storage device 350 in encrypted form. They are encrypted using a conventional symmetric cryptographic algorithm, such as the well known DES algorithm, using a user-specific key KEY. The user-specific key for user A, denoted KEYa, is stored in storage 370 in smart card 120 along with information identifying the user - designated A in Fig 3 - which will enable the corresponding encrypted secret key to be retrieved from storage device 350.

[0042] The process carried out by smart card 120 is illustrated in Fig 4a. When user A wishes to send a message MSG and an associated digital signature, smart card 120 generates a hash value H of message MSG in step 480 and encrypts in step 481 user-specific key KEYa using a conventional symmetric algorithm, such as DES, with the hash value H as the key. This encrypted value of the key is sent along with the message and the information identifying the user across the network to server 130 in step 482.

[0043] The process carried out by server 130 is illustrated in Fig 4b. Server 130 regenerates the hash value H from the message in step 491 and decrypts the user-specific key KEYa in step 492. This KEYa is used in the secure environment to decrypt and temporarily store the decrypted value of the secret key of the user SKa in step 493. This decrypted secret key is then used, within the secure environment 360, to generate the digital signature for the message in step 494, which is then either sent out directly by server 130 to the intended recipient of the message, or returned to smart card 120 for subsequent transmission. Finally, KEYa, the message, the hash value and SKa are erased within secure environment 360 in step 495.

[0044] Since the server is provided with secure cryptographic environment 360 and can therefore be controlled, assurance can be provided that the secret key SKa was used to sign only the original message, and that the message, its hash value H, SKa and KEYa have indeed been erased. The property of non-repudiation has therefore been preserved. Furthermore, server 130 can be maintained on-line in a systems management environment. If it is desired to rescind the ability of user 150 to generate digital signatures this can be easily achieved by deleting the encrypted value of SKa from storage 350. No access is required to the contents of smart card 120, which might not be physically available at the time it is desired to rescind this authority.
[0045] Fig 5 is a schematic diagram illustrating an enhanced version of the first embodiment of the invention. The mode of operation illustrated in Fig 3 is modified in a number of ways.

[0046] First, user 150 has a Personal Identification number (PIN) which is used to ensure that only user 150 can make use of smart card 120. This is achieved in this embodiment by arranging the system so that the key with which the user's secret key is encrypted when stored in server 130 is a combination, in this embodiment an XOR function denoted by +, of data stored on the card, represented as PKREVa in Fig 5, and the PIN, PINa in Fig 5.

[0047] The authenticity of the PIN can be checked by the smart card by storing therein a value which is a one way function - in this case a strong hash - of the PIN. In this way, the PIN can be checked by regenerating the hash of the PIN supplied by the user and checking this against the value stored in the card. This is illustrated by process 410 of Fig 5.

[0048] PKREVa is a reversible function of the PIN and a one-way function - in this case a strong hash - of the user's secret key SKa. This one way function of the user's secret key is denoted KOWFa in Fig 5. The reversible function can, for example, be a combination such as an XOR operation, or addition or multiplication mod p, where p is a non-secret prime number. In this way, the one-way function of the secret key KOWFa can be recovered using PINa. Note that using this approach the user may change his PIN without reference to the server. This can be done by the smart card using PKREVa with the old and new PINa to recalculate a new value of PKREVa using the following relation:

PKREVa(old) + PINa(old) + PINa(new) = PKREVa(new)
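
The PIN-change relation above, worked through as an added example (not code from the patent). It takes + as XOR; the expansion of the PIN to key length, the SHA-256 labels and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KLEN = 16  # key length in bytes (assumption)


def xor(a: bytes, b: bytes) -> bytes:
    """The '+' combination of the text, taken here as XOR."""
    return bytes(x ^ y for x, y in zip(a, b))


def pin_mask(pin: str) -> bytes:
    # Assumption: the PIN is stretched to key length so that the XOR
    # covers every byte of KOWFa, not only the first few.
    return hashlib.sha256(b"mask|" + pin.encode()).digest()[:KLEN]


def pin_check(pin: str) -> bytes:
    # One-way function of the PIN kept on the card (process 410).
    # It is labelled differently from pin_mask: if the two values were
    # equal, the stored check value would undo the mask on PKREVa.
    return hashlib.sha256(b"check|" + pin.encode()).digest()


def kowf(sk: bytes) -> bytes:
    # KOWFa: one-way function (strong hash) of the user's secret key.
    return hashlib.sha256(b"kowf|" + sk).digest()[:KLEN]


class Card:
    """Holds PKREVa and the PIN check value; never the PIN or KOWFa."""

    def __init__(self, kowf_a: bytes, pin: str):
        self.pkrev = xor(kowf_a, pin_mask(pin))
        self.powf = pin_check(pin)

    def recover_kowf(self, pin: str) -> bytes:
        if not hmac.compare_digest(pin_check(pin), self.powf):
            raise PermissionError("PIN rejected")
        return xor(self.pkrev, pin_mask(pin))

    def change_pin(self, old: str, new: str) -> None:
        self.recover_kowf(old)  # authenticates the holder first
        # PKREVa(old) + PINa(old) + PINa(new) = PKREVa(new)
        self.pkrev = xor(xor(self.pkrev, pin_mask(old)), pin_mask(new))
        self.powf = pin_check(new)


def demo() -> dict:
    sk_a = secrets.token_bytes(32)  # constructed stand-in for SKa
    kowf_a = kowf(sk_a)             # what the server-side key depends on
    card = Card(kowf_a, "1234")
    before = card.pkrev
    card.change_pin("1234", "8642")  # no server involved
    try:
        card.recover_kowf("1234")
        old_pin_works = True
    except PermissionError:
        old_pin_works = False
    return {
        "same_kowf": card.recover_kowf("8642") == kowf_a,
        "pkrev_changed": card.pkrev != before,
        "old_pin_works": old_pin_works,
        "kowf_on_card": kowf_a in (card.pkrev, card.powf),
    }
```

KOWFa is unchanged by the PIN change, which is why the server's encrypted copy of SKa needs no update. A short PIN gives the stored check value little entropy, so an implementation would also rely on the card's read protection and a retry counter.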

[0049] The process carried out in smart card 120 is illustrated in Fig 6a. When user A wishes to sign a message MSG, the PIN and the message are provided to the smart card, which generates a hash value H of the message in step 690 and combines this with the data stored on the card KCARa in step 691 to form a transient, but complete, key encrypting key which is valid for one message only. The smart card also recovers KOWFa from PINa and PKREVa in step 692 and enciphers KOWFa in step 693 using the transient key encrypting key derived from the message and KCARa. Note that the smart card stores neither the PIN nor the key used to encrypt the secret key. Therefore, disclosure of the data stored on a lost or stolen smart card does not enable use of the secret key.

[0050] Smart card 120 creates a request 440 containing information identifying the user A, the enciphered value of KOWFa and the message. Request 440 is transmitted to server 130 over the network in step 694.
[0051] The process carried out in server 130 is illustrated in Fig 6b. Server 130 receives the request either immediately or at some future time, generates a hash value H of the message in step 695, regenerates the transient key from the message hash value H and KCARa in step 696, which has been retrieved in encrypted form from storage 350 and decrypted into clear form. The transient key is used to recover KOWFa in step 697 and, in turn, KOWFa is used to recover the user's secret key SKa in step 698.

[0052] The values KCARa, KCARb, etc are stored in storage device 350 with confidentiality since otherwise they might be used to decrypt SKa by an adversary having intercepted transmission 440.

[0053] In addition, the validity of the recovered value of SKa is checked by using the one way function to generate KOWFa from the recovered secret key and comparing this value with the value of KOWFa recovered from request 440.

[0054] The recovered value of SKa is used within the secure cryptographic environment to generate the digital signature in step 699 in the manner described above. As before, the recovered values of SKa and other keys are erased from the secure cryptographic environment 360 after use in step 700.

[0055] Again, since server 130 includes the secure cryptographic environment 360 and is controlled, assurance can be provided that only the original message was signed and that the secret key has indeed been erased from within the secure cryptographic environment 360. If it is desired to rescind the ability of user 150 to generate digital signatures this can be achieved by deleting either the encrypted value of SKa or KCARa from storage 350.
[0056] Fig 7 is a schematic diagram illustrating a second embodiment of the invention. In this embodiment smart card 120 associated with user A stores two key encrypting keys KEK1a and KCARa. Server 130 stores KCARa and one of a series of random numbers RNxa along with the encrypted form of the user's secret key. In this embodiment, the key used to encrypt the user's secret key is a combination of KEK1a with RNxa - denoted KEK1a + RNxa in Fig 7.

[0057] The process carried out by smart card 120 in this embodiment of the invention is illustrated in Fig 8. As before, a user 150 prepares a message MSG to be signed using their corresponding secret key SKa. User 150 has a PIN - denoted PINa in Fig 7 - which is entered and provided to smart card 120 via a suitable interface (for example a keyboard, not shown). As before, smart card 120 authenticates user 150 by generating a hash of PINa and comparing this with a stored value POWFa using process 410.

[0058] In step 880, smart card 120 sends a message to server 130 indicating that a message is to be signed. Server 130 responds by providing a current one of a series of random numbers RNxa to smart card 120.

[0059] Smart card 120 generates a hash value H of the message MSG in step 881, then calculates the key H + KCARa in step 882. The value KEK1a + RNxa is calculated in smart card 120 in step 883 and encrypted in step 884 using the key H + KCARa.
[0060] Smart card 120 then passes a request containing card id ICARa, the encrypted value of KEK1a + RNxa, and the message over the network to server 130 in step 885. Id ICARa enables the server to locate the keys associated with user A. The protocol could also include the passing of RNxa back to server 130, which would allow a consistency check to be performed.

[0061] The process carried out in server 130 is illustrated in Fig 9. In step 886, server 130 regenerates the hash value H from the message and computes the key H + KCARa in step 887. Using this key, server 130 recovers KEK1a + RNxa in step 888 by decrypting E_KCARa+H(KEK1a + RNxa) with KCARa + H and recovers the user's secret key SKa in step 889 by decrypting E_KEK1a+RNxa(SKa) with KEK1a + RNxa. The message is then signed as before in step 890.

[0062] Server 130 then calculates KEK1a in step 891 by recombining a
securely stored value of RNxa with KEK1a + RNxa. A new random number
RN(x+1)a is then generated in step 892 for use in the next invocation
of the algorithm. RN(x+1)a is combined with KEK1a in step 893 and
used to reencrypt the user's private key in step 894 prior to storage
in storage device 350 in step 896. RN(x+1)a is also stored securely
in storage device 350, replacing RNxa. The clear value of KEK1a in
secure environment 360 is then deleted in step 895, along with the
clear value of the user's private key SKa, KEK1a + RNxa and
KEK1a + RN(x+1)a.
[0063] This arrangement prevents the authorization quantity
E_{KCARa+H}(KEK1a + RNxa) along with the message MSG being used to
generate another digital signature, by extracting the variant key
KEK1a + RNxa.
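
The exchange of Figs 8 and 9 (paragraphs [0057] to [0063]), as an added sketch that is not part of the patent text. Assumptions: the "+" combination is modelled as XOR, E is a SHA-256 keystream stand-in for the unspecified cipher, the signature is textbook RSA over two fixed Mersenne primes (toy size), and the server's check of its own signature against PKa before rotating RNxa is an added safeguard; all class and function names are hypothetical.

```python
import hashlib
import secrets

# Toy RSA key pair for user A (constructed values; far too small for real use).
P, Q, PUB_EXP = 2**61 - 1, 2**89 - 1, 65537            # two Mersenne primes
N = P * Q                                               # modulus, part of PKa
SKA = pow(PUB_EXP, -1, (P - 1) * (Q - 1)).to_bytes(32, "big")   # SKa

def h(msg):
    return hashlib.sha256(msg).digest()

def combine(a, b):
    """The '+' of Fig 7, modelled as XOR (assumption: a reversible function)."""
    return bytes(x ^ y for x, y in zip(a, b))

def E(key, data):
    """Stand-in cipher: XOR with a SHA-256 counter keystream, so E is its own inverse."""
    blocks = -(-len(data) // 32)
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in range(blocks))
    return combine(data, stream)

def sign(sk, msg):
    return pow(int.from_bytes(h(msg), "big") % N, int.from_bytes(sk, "big"), N)

def verify(msg, sig):
    return pow(sig, PUB_EXP, N) == int.from_bytes(h(msg), "big") % N

class SmartCard:
    def __init__(self, kek1, kcar):
        self.kek1, self.kcar = kek1, kcar

    def request(self, rn, msg):
        key = combine(h(msg), self.kcar)               # steps 881-882: H + KCARa
        variant = combine(self.kek1, rn)               # step 883: KEK1a + RNxa
        return E(key, variant)                         # step 884

class Server:
    def __init__(self, kek1, kcar):
        self.kcar = kcar
        self._rewrap(kek1, SKA)                        # initialisation, steps 753-755, 760

    def _rewrap(self, kek1, sk):
        self.rn = secrets.token_bytes(32)              # step 892: new random number
        self.enc_sk = E(combine(kek1, self.rn), sk)    # steps 893-894, stored in 896

    def sign_request(self, enc_variant, msg):
        key = combine(h(msg), self.kcar)               # steps 886-887
        variant = E(key, enc_variant)                  # step 888
        sk = E(variant, self.enc_sk)                   # step 889
        sig = sign(sk, msg)                            # step 890
        if not verify(msg, sig):                       # added safeguard (assumption):
            return None                                # wrong key, keep stored state
        self._rewrap(combine(variant, self.rn), sk)    # step 891, then 892-896
        return sig                                     # step 895: clear values are locals

def demo():
    kek1, kcar = secrets.token_bytes(32), secrets.token_bytes(32)
    card, server = SmartCard(kek1, kcar), Server(kek1, kcar)
    msg = b"transfer 10 to B"                          # constructed sample message
    req = card.request(server.rn, msg)                 # step 880: server supplies RNxa
    other = server.sign_request(req, b"transfer 9999 to C")  # same quantity, other message
    first = server.sign_request(req, msg)              # the message the user specified
    replay = server.sign_request(req, msg)             # same quantity after rotation
    fresh = server.sign_request(card.request(server.rn, msg), msg)
    return {
        "other_message_signed": other is not None,
        "first_valid": first is not None and verify(msg, first),
        "replay_signed": replay is not None,
        "fresh_valid": fresh is not None and verify(msg, fresh),
    }
```

The quantity is tied to one message through H + KCARa and to one use through the rotation of RNxa, so only the first and the freshly built request yield a signature that verifies.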
[0064] Fig 10 is a schematic diagram showing the initialisation
procedures used in the embodiment of Fig 7.
[0065] The initialisation process carried out is illustrated in
Fig 11. Server 130 generates in step 751 the following cryptographic
keys for user A.

1. First key encrypting key KEK1a

2. Second key encrypting key KCARa

3. A public and private key pair, PKa and SKa, for
use with the public key algorithm.

[0066] Having generated the keys, server 130 provides KEK1a and KCARa
to smart card 120 in step 752. Server 130 then causes PKa and SKa to
be initialised within the cryptographic system by requesting
appropriate certificates for PKa and making PKa available throughout
the network (not shown).
[0067] Server 130 then generates a random number RN1a in step 753 and
combines this with KEK1a in step 754 to produce a variant key
KEK1a + RN1a. SKa is then encrypted in step 755 using the variant key
to form the encrypted quantity E_{KEK1a+RN1a}(SKa).
[0068] A PIN for user A, PINa, is generated in step 756 along with a
hash value POWFa in step 757. PINa is provided to user A in step 758,
eg by post, and POWFa is stored on smart card 120 along with user
identification data ICARa in step 759.

[0069] KCARa, RN1a and E_{KEK1a+RN1a}(SKa) are stored securely in
storage 350 in step 760 and the clear values of SKa, KCARa, KEK1a and
their derivatives are erased from the secure cryptographic
environment 360 in step 761.

[0070] In embodiments in which there exist in the system more than
one server 130 capable of performing public key processing on behalf
of user 150, and when it is desired to distribute SKa to each
additional server node, the following process can be performed when
the server 360 has SKa in a clear form, which is at the time of
generation of SKa and whenever the user provides a message to be
digitally signed to the server. At this time the server having
possession of the clear value of SKa will create an additional RNxa
value for the extra server node and prepare an extra enciphered copy
of SKa using the same process, 892, 893, and 894, as is used to
obtain a local newly enciphered SKa value. Then the server node will
send the additional value of RNxa and KCARa, with confidentiality,
along with the related enciphered value of SKa to the additional
node. All extra values of RNxa and associated enciphered values of
SKa are destroyed within the server at the conclusion of this
process.

[0071] This process will ensure that each additional 
server node can operate independently with the user 
with the preservation of the property of non-repudiation. 
[0072] It will be understood that secure methods exist for
distributing cryptographic keys such as KEK1a, KCARa and SKa between
secure cryptographic servers within a network.



Claims

1. A communications system

in which messages are processed using public key cryptography with a
private key (SKa) unique to one or more users (150) under the control
of a portable security device (120) held by the, or each, user,

the system comprising:

a server (130) for performing public key processing using the
private key;
the server (130) being adapted for data communication with the
portable security device (120);

characterised in that

the server (130) comprises, or has access to, data storage means in
which is stored in a secure manner the private key for the, or each,
user in encrypted form only, the private key being encrypted with a
key encrypting key (KEYa; KOWFa; KEK1a + RNxa),
the server comprising secure processing means (360) to receive a
message to be processed from the user, retrieve the encrypted
private key for the user, decrypt the private key using the key
encrypting key, perform the public key processing for the message
using the decrypted private key, and delete the key encrypting key
and decrypted private key after use,
and in that each security device (120) comprises means for storing
or generating the key encrypting key and providing the key
encrypting key to the server (130) and means for specifying a
message to be processed,
the system being arranged so that communication of at least the key
encrypting key to the server is secure and so that the server can
only use the key encrypting key to process the message specified by
the user.

2. A system as claimed in claim 1 wherein the key encrypting key is
encrypted using a key derived from a second key encrypting key
(KCARa) stored in the security device (120), for transmission
between the security device and the server, the server (130)
comprising, or having access to, data storage means in which the
second key encrypting key is stored in a secure manner, whereby
communication of the key encrypting key to the server is secure.

3. A system as claimed in claim 1 or claim 2 wherein the key
encrypting key is cryptographically associated with a message to be
processed, the secure processing means comprising means to verify
the association of the key encrypting key with the message and being
arranged only to make use of the key encrypting key to process that
message.

4. A system as claimed in claim 3 wherein the security device
comprises means to encrypt the key encrypting key for transmission
to the server using a key derived from the message to be signed, the
server comprising secure means (360) for generating the key from the
message and decrypting the key encrypting key.

5. A system as claimed in any preceding claim wherein the key
encrypting key is stored in the security device as a reversible
function of a password (PINa), the system comprising means to
receive from the user (150), and provide to the security device, the
password, the security device comprising means to recover the key
encrypting key using the reversible function.

6. A system as claimed in any preceding claim wherein the key
encrypting key (KOWFa) is a one-way function of the private key, the
server comprising means to check the recovered value of the private
key by deriving therefrom the key-encrypting key and comparing the
derived value thereof with the value received from the security
device.

7. A system as claimed in any preceding claim wherein the key
encrypting key is a reversible function of a key stored in the
security device (KEK1a) and a random number (RNxa), the server (130)
comprising means to provide the random number to the security device
(120), wherein the server (130) is arranged to reencrypt the private
key each time it is used using a new random number, and to provide
the new random number to the security device the next time it is
required to perform public key processing for a user.

8. A server (130) being adapted for data communications with a
portable security device and comprising secure storage means (350);

characterised in that the private key for the, or each, user is
stored in encrypted form only, the private key being encrypted with
a key encrypting key, the server comprising secure means (360) to
retrieve the encrypted private key for the user, decrypt the private
key using the key encrypting key, perform the public key processing
using the decrypted private key, and delete the decrypted private
key and the key encrypting key after use and the server is for use
in a communication system as claimed in any of claims 1 to 7.

9. A method for processing messages using public key cryptography
with a private key (SKa) unique to one or more users (150) under the
control of a portable security device (120) held by the, or each,
user, in a system comprising: a server (130) for performing public
key processing using the private key, in which system the server
(130) is adapted for data communication with the portable security
device (120);
characterised by the steps of

(a) storing in the server, or providing the server with access to,
the private key for the, or each, user in encrypted form only, the
private key being encrypted with a key encrypting key (KEYa; KOWFa;
KEK1a+RNxa);

(b) storing or generating in the security device the key encrypting
key and providing the key encrypting key to the server (130) in a
manner such that at least the key encrypting key is secure in
communication to the server;

and,

in a secure environment in the server (130):

(c) receiving a message to be processed specified by the user;

(d) retrieving the encrypted private key for the user;

(e) verifying that the message was that specified by the user;

(f) decrypting the private key using the key encrypting key;

(g) performing the public key processing for the message using the
decrypted private key; and

(h) deleting the decrypted private key and the key encrypting key
after use.

Patent claims [Patentansprüche]

1. A data transmission system,

in which messages are processed using public key encryption with a
private key (Ska) available exclusively to one or more users (150),
under the control of a portable security device (120) held in the
hand by the or each user, the system comprising:

a server (130) for performing the public key processing using the
private key;

the server (130) being arranged for data exchange with the portable
security device (120);

characterised in that

the server (130) comprises, or has access to, a data storage means
in which the private key available to the or each user is stored
securely in encrypted form only, the private key being encrypted by
a key encrypting key (KEYa; KOWFa; KEK1a + RNxa),

the server comprises a secure processing means (360) for receiving a
message to be processed from the user, for retrieving the encrypted
private key for the user, for decrypting the private key using the
key encrypting key, for performing the public key processing for the
message using the decrypted private key, and for deleting the key
encrypting key and the decrypted private key after use,

and that each security device (120) comprises a means for storing or
generating the key encrypting key and for providing the key
encrypting key to the server (130), and a means for specifying a
message to be processed,
the system being arranged so that at least the transmission of the
key encrypting key to the server is secure and the server can use
the key encrypting key only to process the message specified by the
user.

2. A system according to claim 1, wherein the key encrypting key is
encrypted, for transmission between the security device and the
server, using a key derived from a second key encrypting key stored
in the security device (120), the server (130) comprising, or having
access to, a data storage means in which the second key encrypting
key is stored securely, whereby the transmission of the key
encrypting key to the server is secure.

3. A system according to claim 1 or claim 2, wherein the key
encrypting key is cryptographically assigned to a message to be
processed, and the secure processing means comprises a means for
checking the assignment of the key encrypting key to the message and
is arranged so that the processing means can use the key encrypting
key only to process that message.

4. A system according to claim 3, wherein the security device
comprises a means for encrypting the key encrypting key for
transmission to the server using a key derived from the message to
be signed, and the server comprises a secure means (360) for
generating the key from the message and for decrypting the key
encrypting key.

5. A system according to any of the preceding claims, wherein the
key encrypting key is stored in the security device as a reversible
function of a password (PINa), the system comprises a means for
receiving the password from the user (150) and sending it to the
security device, and the security device comprises a means for
recovering the key encrypting key using the reversible function.

6. A system according to any of the preceding claims, wherein the
key encrypting key (KOWFa) is a one-way function of the private key,
and the server comprises a means for checking the recovered value of
the private key by deriving the key encrypting key from the private
key and comparing the value derived therefrom with the value
received from the security device.

7. A system according to any of the preceding claims, wherein the
key encrypting key is a reversible function of a key (KEK1a) stored
in the security device and a random number (RNxa), and the server
(130) comprises a means for providing the random number to the
security device (120), the server (130) being arranged to re-encrypt
the private key with a new random number each time it is used and to
make the new random number available to the security device the next
time it is needed to perform public key processing for a user.

8. A server (130) arranged for data transmission with a portable
security device and comprising a secure storage means (350);
characterised in that the private key available to the or each user
is stored in encrypted form only, the private key being encrypted by
a key encrypting key, and the server comprises a secure means (360)
for retrieving the encrypted private key for the user, for
decrypting the private key using the key encrypting key, for
performing the public key processing using the decrypted private
key, and for deleting the decrypted private key and the key
encrypting key after use, and the server is suitable for use in a
data transmission system according to any of claims 1 to 7.

9. A method for processing messages using public key encryption
with a private key (Ska) available exclusively to one or more users
(150), under the control of a portable security device (120) held in
the hand by the or each user, in a system comprising: a server (130)
for performing the public key processing using the private key, the
server (130) in the system being arranged for data transmission with
the portable security device (120);
characterised by the following steps:

(a) storing the private key for the or each user in the server in
encrypted form only, or providing the server with access to the key,
the private key being encrypted by a key encrypting key (KEYa;
KOWFa; KEK1a + RNxa);

(b) storing or generating the key encrypting key in the security
device and providing the key encrypting key to the server (130) in
such a way that at least the key encrypting key is secure during
transmission to the server;

and,

in a secure environment in the server (130):

(c) receiving a message to be processed specified by the user;

(d) retrieving the encrypted private key for the user;

(e) checking whether the message is the one specified by the user;

(f) decrypting the private key using the key encrypting key;

(g) performing the public key processing for the message using the
decrypted private key; and

(h) deleting the decrypted private key and the key encrypting key
after use.



Claims [Revendications]

1. A communication system,

in which messages are processed using public key cryptography, with
a private key (Ska) unique to one or more users (150), under the
control of a portable security device (120) carried by the, or each,
user,

the system comprising:

a server (130) for performing public key processing using the
private key;

the server (130) being adapted for data communication with the
portable security device (120);

characterised in that

the server (130) comprises, or has access to, data storage means in
which the private key for the, or each, user is stored securely, in
encrypted form only, the private key being encrypted with a key
encrypting key (KEYa; KOWFa; KEK1a + Rnxa),

the server comprising secure processing means (360) to receive a
message to be processed from the user, retrieve the encrypted
private key for the user, decrypt the private key using the key
encrypting key, perform the public key processing for the message
using the decrypted private key, and delete the key encrypting key
and the decrypted private key after use,

and in that each security device (120) comprises means for storing
or generating the key encrypting key and providing the key
encrypting key to the server (130), and means for specifying a
message to be processed,

the system being arranged so that communication of at least the key
encrypting key to the server is secure, and so that the server can
only use the key encrypting key to process the message specified by
the user.

2. A system according to claim 1, wherein the key encrypting key is
encrypted, using a key derived from a second key encrypting key
(KCARa) stored in the security device (120), for transmission
between the security device and the server, the server (130)
comprising, or having access to, data storage means in which the
second key storage key is stored securely, so that communication of
the key encrypting key to the server is secure.

3. A system according to claim 1 or claim 2, wherein the key
encrypting key is cryptographically associated with a message to be
processed, the secure processing means comprise means for verifying
the association of the key encrypting key with the message and being
arranged only to make use of the key encrypting key to process that
message.

4. A system according to claim 3, wherein the security device
comprises means for encrypting the key encrypting key for
transmission to the server, using a key derived from the message to
be signed, the server comprising secure means (360) for generating
the key from the message and for decrypting the key encrypting key.

5. A system according to any of the preceding claims, wherein the
key encrypting key is stored in the security device as a reversible
function of a password (PINa), the system comprising means to
receive from the user (150), and provide to the security device, the
password, the security device comprising means to recover the key
encrypting key using the reversible function.

6. A system according to any of the preceding claims, wherein the
key encrypting key (KOWFa) is a one-way function of the private key,
the server comprising means to check the recovered value of the
private key by deriving therefrom the key encrypting key and
comparing its derived value with the value received from the
security device.

7. A system according to any of the preceding claims, wherein the
key encrypting key is a reversible function of a key stored in the
security device (KEK1a) and a random number (Rnxa), the server (130)
comprising means to provide the random number to the security device
(120), wherein the server (130) is arranged to re-encrypt the
private key each time it is used, using a new random number, and to
provide the new random number to the security device the next time
it is asked to perform public key processing for a user.

8. A system (130) adapted for data communications with a portable
security device and comprising secure storage means (350);

characterised in that the private key for the, or each, user is
stored in encrypted form only, the private key being encrypted with
a key encrypting key, the server comprising secure means (360) to
retrieve the encrypted private key for the user, decrypt the private
key using the key encrypting key, perform the public key processing
using the decrypted private key, and delete the decrypted private
key and the key encrypting key after use, and the server is intended
for use in a communication system as set out in any of claims 1
to 7.



9. A method of processing messages using public key cryptography,
with a private key (SKa) unique to one or more users (150), under
the control of a portable security device (120) carried by the, or
each, user, in a system comprising: a server (130) for performing
public key processing using the private key, in which system the
server (130) is adapted for data communication with the portable
security device (120);
characterised by the steps of:

(a) storing in the server, or providing the server with access to,
the private key for the, or each, user, in encrypted form only, the
private key being encrypted with a key encrypting key (KEYa; KOWFa;
KEK1a+Rnxa);

(b) storing or generating, in the security device, the key
encrypting key and providing the key encrypting key to the server
(130), so that at least the key encrypting key is secure in
communication to the server;

and,

in a secure environment in the server (130):

(c) receiving a message to be processed, specified by the user;

(d) retrieving the encrypted private key for the user;

(e) verifying that the message was that specified by the user;

(f) decrypting the private key using the key encrypting key;

(g) performing the public key processing for the message, using the
decrypted private key; and

(h) deleting the decrypted private key and the key encrypting key
after use.